> confused why under 5.2. Authenticator Responses it says `This attribute contains a JSON serialization of the client data passed to the authenticator by the client in its call to either create() or get().` This could definitely be made clearer. > why (for registration) `pubKeyCred.response.clientDataJSON` gets its value from `credentialCreationData.clientDataJSONResult` instead of `clientDataJSON` Because, for brevity's sake, it should be kept in bytes until needing to be unpacked by the RP The references that you list (one of which I am an author of and will update) are somewhat simplifying what occurs I think: the authenticator does indeed only request the `clientDataHash` rather than a byte-serialized version of the `ClientDataJSON`. -- GitHub Notification of comment by nicksteele Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1442#issuecomment-645699784 using your GitHub accountReceived on Thursday, 18 June 2020 00:37:47 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:41 UTC